GLSA-202409-26 : IcedTea: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202409-26 IcedTea: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in IcedTea. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

IcedTea: Multiple Vulnerabilities

Background IcedTea’s aim is to provide OpenJDK in a form suitable for easy configuration, compilation and distribution with the primary goal of allowing inclusion in GNU/Linux distributions. Description Multiple vulnerabilities have been discovered in IcedTea. Please review the CVE identifiers...

PyCrypto: Weak key generation

Background PyCrypto is the Python Cryptography Toolkit. Description It was discovered that PyCrypto incorrectly generated ElGamal key parameters. Impact Attackers may be able to obtain sensitive information by reading ciphertext data. Workaround There is no known workaround at this time. Resoluti...

Thin: Privilege escalation

Background Thin is a small and fast Ruby web server. Description It was discovered that Gentoo’s Thin ebuild does not properly handle its temporary runtime directories. This only affects OpenRC systems, as the flaw was exploitable via the init script. Impact A local attacker could cause denial of...

Icinga: Root privilege escalation

Background Icinga is an open source computer system and network monitoring application. It was originally created as a fork of the Nagios system monitoring application in 2009. Description It was discovered that Icinga’s installed files have insecure permissions, possibly allowing root privilege...

GLSA-202007-31 : Icinga: Root privilege escalation

The remote host is affected by the vulnerability described in GLSA-202007-31 Icinga: Root privilege escalation It was discovered that Icingas installed files have insecure permissions, possibly allowing root privilege escalation. Impact : A local attacker could escalate privileges to root...

GLSA-201908-03 : JasPer: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201908-03 JasPer: Multiple vulnerabilities Multiple vulnerabilities have been discovered in JasPer. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...

hesiod: Root privilege escalation

Background DNS functionality to access to DB of information that changes infrequently. Description Multiple vulnerabilities have been discovered in hesiod that have remained unaddressed. Please review the referenced CVE identifiers for details. Impact A remote or local attacker may be able to...

JabberD 2.x: Multiple vulnerabilities

Background JabberD 2.x is an open source Jabber server written in C. Description Multiple vulnerabilities have been discovered in Gentoo’s JabberD 2.x ebuild. Please review the referenced CVE identifiers for details. Impact An attacker could possibly escalate privileges by owning system binaries ...

AutoTrace: Multiple vulnerabilities

Background AutoTrace converts bitmap to vector graphics. Description Heap-based buffer overflows have been discovered in the pstoeditsuffixtableinit and pnmloadrawpbm functions of AutoTrace. Impact Remote attackers, by enticing a user to process a crafted bmp image file, could cause a Denial of...

CyaSSL: Multiple vulnerabilities

Background CyaSSL is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. Description Multiple vulnerabilities have been discovered in CyaSSL. Please review the CVE identifiers referenced below for details. Impact An attacker could possibly execute arbitrary code...

libCapsiNetwork: Denial of service

Background libCapsiNetwork is a C++ network library to allow fast development of server daemon processes. Description An off-by-one buffer overflow in libcapsinetwork network handling code is discovered. Impact A remote attacker could send a specially crafted request to application, that is linke...

Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-workstation)

The remote host is missing updates announced in advisory GLSA 201209-25. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

VMware Player, Server, Workstation: Multiple vulnerabilities

Background VMware Player, Server, and Workstation allow emulation of a complete PC on a PC without the usual performance overhead of most emulators. Description Multiple vulnerabilities have been discovered in VMware Player, Server, and Workstation. Please review the CVE identifiers referenced...

Gentoo Security Advisory GLSA 201204-05 (SWFTools)

The remote host is missing updates announced in advisory GLSA 201204-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 201201-15 (ktsuss)

The remote host is missing updates announced in advisory GLSA 201201-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 201201-15 (ktsuss)

The remote host is missing updates announced in advisory GLSA 201201-15. Copyright C 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Gentoo Security Advisory GLSA 200907-08 (rt2400 rt2500 rt2570 rt61 ralink-rt61)

The remote host is missing updates announced in advisory GLSA 200907-08. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

Gentoo Security Advisory GLSA 200903-26 (tmsnc)

The remote host is missing updates announced in advisory GLSA 200903-26. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200812-20 (phpcollab)

The remote host is missing updates announced in advisory GLSA 200812-20. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...